[SANS ISC] Python DLL Injection Check


I published the following diary on isc.sans.edu: “Python DLL Injection Check”:

There are many security tools that inject DLLs into processes running on a Windows system. The classic examples are anti-virus products. They like to inject plenty of code that, combined with API hooking, implements security checks. If DLLs are injected into processes, they can be detected, and this is a common anti-debugging or evasion technique implemented by many malware samples. If you’re interested in such techniques, they are covered in the FOR610 training. The detection relies on a specific API call, GetModuleFileName()…




The post [SANS ISC] Python DLL Injection Check appeared first on SecuritNEWS.


Published by SecuritNEWS

